Am 17.03.2016 um 18:51 hat Daniel P. Berrange geschrieben: > For a couple of releases we have been warning > > Encrypted images are deprecated > Support for them will be removed in a future release. > You can use 'qemu-img convert' to convert your image to an unencrypted one. > > This warning was issued by system emulators, qemu-img, qemu-nbd > and qemu-io. Such a broad warning was issued because the original > intention was to rip out all the code for dealing with encryption > inside the QEMU block layer APIs. > > The new block encryption framework used for the LUKS driver does > not rely on the unloved block layer API for encryption keys, > instead using the QOM 'secret' object type. It is thus no longer > appropriate to warn about encryption unconditionally. > > When the qcow/qcow2 drivers are converted to use the new encryption > framework too, it will be practical to keep AES-CBC support present > for use in qemu-img, qemu-io & qemu-nbd to allow for interoperability > with older QEMU versions and liberation of data from existing encrypted > qcow2 files. > > Thus this change, removes the deprecation warning, in its place adding > a fatal error preventing use of qcow[2] built-in encryption inside the > system emulators. Use of qcow[2] encryption in qemu-img, qemu-io, qemu-nbd > no longer triggers any warning message, since that support is now expected > to remain available long term, given the maint burden has been eliminated. > > Signed-off-by: Daniel P. Berrange <berra...@redhat.com>
Let's do this only after the qcow2 LUKS support has been merged so that users have an alternative to switch to. Kevin
